The malicious code signature(s) has been found in resources:
After some research the code is backbone.js- https://github.com/jashkenas/backbone/blob/0.9.2/backbone-min.js the code has not been changed at all. Maybe it is a little older version which is why it was flagged but there is no malicious code. I wanted to give feedback on the scanner but couldn't see where.
They might be tough to get a hold of.
Try contacting Sherrie https://community.magento.com/t5/user/viewprofilepage/user-id/7 She is a Community Manager. She responds fast and might be able to introduce you to security scan support team.